Credentials Rotation Implement (#32000)

demisto · Jan 30, 2024 · 28150e6 · 28150e6
1 parent d9ba1b2
commit 28150e6
Show file tree

Hide file tree

Showing 39 changed files with 2,353 additions and 1,283 deletions.
diff --git a/Packs/AWS-Enrichment-Remediation/Playbooks/playbook-Cloud_Credentials_Rotation_-_AWS.yml b/Packs/AWS-Enrichment-Remediation/Playbooks/playbook-Cloud_Credentials_Rotation_-_AWS.yml
@@ -619,25 +619,17 @@ tasks:
       policyDocument:
         simple: |-
           {
-              "Version": "2012-10-17",
-              "Statement": [
-                  {
-                      "Effect": "Deny",
-                      "Action": [
-                          "*"
-                      ],
-                      "Resource": [
-                          "*"
-                      ],
-                      "Condition": {
-                          "DateLessThan": {
-                              "aws:TokenIssueTime": "[policy creation time]"
-                          }
-                  }
-              ]
+            "Version": "2012-10-17",
+            "Statement": [
+              {
+                "Effect": "Deny",
+                "Action": "*",
+                "Resource": "*"
+              }
+            ]
           }
       policyName:
-        simple: XSIAM-DenyPolicy-Alert ${alert.id}
+        simple: XSIAM-DenyPolicy-Alert-${alert.id}
       roleName:
         complex:
           root: AWS.IAM.InstanceProfiles.Roles
@@ -1311,12 +1303,6 @@ tasks:
               complex:
                 root: inputs.instanceID
             iscontext: true
-      - - operator: isNotEmpty
-          left:
-            value:
-              complex:
-                root: inputs.instanceProfileName
-            iscontext: true
     - label: USER
       condition:
       - - operator: isEqualString

diff --git a/...hment-Remediation/Playbooks/playbook-Cloud_Credentials_Rotation_-_AWS_README.md b/...hment-Remediation/Playbooks/playbook-Cloud_Credentials_Rotation_-_AWS_README.md
@@ -28,26 +28,26 @@ This playbook does not use any integrations.
 
 ### Scripts
 
-* GeneratePassword
 * Set
+* GeneratePassword
 
 ### Commands
 
+* aws-ec2-describe-iam-instance-profile-associations
 * aws-iam-list-attached-role-policies
 * aws-iam-list-role-policies
-* aws-iam-get-instance-profile
+* aws-iam-list-policy-versions
 * aws-iam-create-instance-profile
+* aws-iam-get-policy-version
+* aws-iam-create-role
 * aws-iam-attach-policy
 * aws-iam-put-role-policy
-* aws-iam-get-role-policy
-* aws-iam-create-role
-* aws-iam-get-policy-version
-* aws-ec2-describe-regions
-* aws-ec2-describe-iam-instance-profile-associations
-* aws-iam-list-policy-versions
-* aws-ec2-describe-instances
 * aws-iam-update-login-profile
 * aws-iam-update-access-key
+* aws-iam-get-instance-profile
+* aws-ec2-describe-instances
+* aws-iam-get-role-policy
+* aws-ec2-describe-regions
 
 ## Playbook Inputs
 

diff --git a/Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_15.md b/Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_15.md
@@ -0,0 +1,7 @@
+
+#### Playbooks
+
+##### Cloud Credentials Rotation - AWS
+
+- Fixes a bug in the playbook flow where a wrong field was used for the identity type selection
+- Removes an unused playbook input from a conditional task
diff --git a/Packs/AWS-Enrichment-Remediation/pack_metadata.json b/Packs/AWS-Enrichment-Remediation/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "AWS Enrichment and Remediation",
     "description": "Playbooks using multiple AWS content packs for enrichment and remediation purposes",
     "support": "xsoar",
-    "currentVersion": "1.1.14",
+    "currentVersion": "1.1.15",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",